Metric | Value |
---|---|
CVSS2 | 5 Medium |
Attack Vector | NETWORK |
Attack Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | PARTIAL |
CVSS2 Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
EPSS | 0.967 High |
EPSS Percentile | 99.7% |
The “monlist” command of the NTP protocol is currently being abused in DDoS reflection attacks. This is done by sending packets spoofed to appear to come from the addresses at which the attack is directed. The ntp installations themselves are not the target of the attack, but they are part of the DDoS network which the attacker is driving (CVE-2013-5211).

IMPORTANT Note: the workaround for this issue is not a change in the software, but a change in the default configuration. In most cases, administrators will need to make the configuration change manually in the /etc/ntp.conf file, as the package will only install the updated configuration as /etc/ntp.conf.rpmnew.

The following lines should be added to the end of /etc/ntp.conf:

```
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery
```
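A check for the configuration change described above, as an added example that is not part of the advisory or of the ntp package: it scans ntp.conf text for `restrict default` lines and reports which of the advisory's four flags each one lacks. The sample configurations and the hostname are constructed; accepting `ignore` as sufficient and reporting a missing default line as a finding are assumptions of this script.

```python
import sys

# Flags from the advisory's recommended "restrict default" line.
REQUIRED = ("nomodify", "notrap", "nopeer", "noquery")

def audit_ntp_conf(text):
    """Return (line_no, family, missing_flags) for each weak default restriction.

    An empty list means every "restrict default" line carries all REQUIRED
    flags (or "ignore"). Line number 0 means no default line was found.
    """
    findings, seen_default = [], False
    for line_no, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if not tokens or tokens[0] != "restrict":
            continue
        args, family = tokens[1:], "any"
        if args and args[0] in ("-4", "-6"):     # optional address-family selector
            family, args = args[0], args[1:]
        if not args or args[0] != "default":
            continue                             # host/subnet entries are out of scope
        seen_default = True
        flags = set(args[1:])
        if "ignore" in flags:                    # assumption: "ignore" is stricter, so accept it
            continue
        missing = [f for f in REQUIRED if f not in flags]
        if missing:
            findings.append((line_no, family, missing))
    if not seen_default:
        findings.append((0, "any", list(REQUIRED)))
    return findings

# Constructed sample with incomplete default restrictions.
WEAK = """\
server ntp.example.org iburst
restrict default nomodify notrap      # nopeer and noquery missing
restrict -6 default nomodify notrap nopeer
restrict 127.0.0.1
"""

# Constructed sample with the advisory's line in place.
HARDENED = """\
server ntp.example.org iburst
restrict default nomodify notrap nopeer noquery
"""

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/ntp.conf"
    with open(path) as fh:
        for line_no, family, missing in audit_ntp_conf(fh.read()):
            print(f"{path}:{line_no}: restrict default ({family}) lacks {' '.join(missing)}")
```

Run it against /etc/ntp.conf after merging the changes from /etc/ntp.conf.rpmnew; no output means every default restriction carries the advisory's flags.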
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | ntp | < 4.2.6p5-12.1 | ntp-4.2.6p5-12.1.mga3 |